Threat Intelligence Blog

LookingGlass Weekly Cyber Security Trends Report – February 25, 2015

Posted February 25, 2015

Welcome to the Cyveillance Weekly Cyber Security Trends Report

Since threat intelligence is constantly evolving, we publish this weekly report to keep our customers updated on the latest threats across a variety of industries. You can read an abridged version below. Follow us on Twitter and subscribe to our blog to make sure you don’t miss any of the latest security articles from Cyveillance experts.

Top Incidents

Cyber Crime

A leading Russian cybersecurity firm estimates the Anunak – a.k.a. Carbanak – gang has now stolen up to $1 billion from banks all over the world, in part by using “jackpotting” malware that infects ATMs. The majority of the targets were in Russia, but many were also in Japan, the United States and Europe.

Domain name servers (DNS) are being used to exfiltrate information, by taking DNS requests to tunnel stolen data. The malwares identified were FeederBot, Morto, and FrameworkPOS were spotted using DNS.

Legal and Regulations

This month, bipartisan legislation was introduced in the California Senate that would require law enforcement to get a search warrant before accessing a person’s digital information. The proposed California Electronic Communications Privacy Act (S.B. 178) is broadly written to protect “any information about an electronic communication or the use of an electronic communication service”, including contents, location, metadata and other personally identifiable information. This bill has strong support from tech giants Google and Facebook, as well as the Electronic Frontier Foundation and the ACLU of California, among others.

Defense

The US State Department confirmed its non-confidential e-mail system suffered a security breach over the past three months, and is still unable to drive the hackers out of the network.

Insurance/Healthcare

Adults aren’t the only ones who can have their identity stolen. Tens of millions of American children had their Social Security numbers, date of birth, and health care ID numbers stolen in the recent data breach at health insurance giant, Anthem Inc.

Google is fighting attempts by the Justice Department to get permission for the FBI to search and seize digital data in what the search engine giant said would make it possible for the “hacking of any facility” in the world. The Advisory Committee on Criminal Rules that is considering the proposal received a sharply worded letter from Google that warns the new FBI powers would raise “monumental and highly complex constitutional, legal and geopolitical concerns that should be left to Congress to decide.” The proposed changes would allow the FBI to remotely search computers from anywhere in the world, “giving the US government unfettered global access to vast amounts of private information,” The Guardian wrote.

Cyveillance clients get access to the entire Weekly Trends Report, covering all of the above topics and much more. Contact us to find out how we can help your organization.